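/*
 * Copyright 2012, Samsung Telecommunications of America
 * Copyright (C) 2014 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * Written by William Roberts <[email protected]>
 */

/*
 * libaudit: thin userland wrapper around the kernel audit netlink socket.
 * Every function below takes the fd returned by audit_open(); errors are
 * reported as -errno (or, for audit_open(), as a negative fd with errno set).
 */

#pragma once

#include <stdint.h>
#include <sys/cdefs.h>
#include <sys/socket.h>
#include <sys/types.h>

#include <linux/audit.h>
#include <linux/netlink.h>

__BEGIN_DECLS

/* Upper bound, in bytes, on the payload carried by one audit_message. */
#define MAX_AUDIT_MESSAGE_LENGTH 8970

/* Blocking mode for audit_get_reply(). */
typedef enum { GET_REPLY_BLOCKING = 0, GET_REPLY_NONBLOCKING } reply_t;

/* type == AUDIT_SIGNAL_INFO */
struct audit_sig_info {
    uid_t uid;
    pid_t pid;
    /*
     * Variable-length trailer following the fixed header. C99 flexible array
     * member rather than the GNU zero-length `ctx[0]`; the layout and
     * sizeof are unchanged. Presumably the security context string —
     * confirm against the kernel's AUDIT_SIGNAL_INFO reply format.
     */
    char ctx[];
};

/* One netlink message as exchanged with the audit subsystem: header + payload. */
struct audit_message {
    struct nlmsghdr nlh;
    char data[MAX_AUDIT_MESSAGE_LENGTH];
};

/**
 * Opens a connection to the Audit netlink socket
 * @return
 *  A valid fd on success or < 0 on error with errno set.
 *  Returns the same errors as man 2 socket.
 */
extern int audit_open(void);

/**
 * Closes the fd returned from audit_open()
 * @param fd
 *  The fd to close
 */
extern void audit_close(int fd);

/**
 * Reads one reply from the audit netlink socket into rep.
 * @param fd
 *  The fd returned by a call to audit_open()
 * @param rep
 *  The response struct to store the response in. Must point to a buffer
 *  of at least sizeof(struct audit_message) bytes.
 * @param block
 *  Whether or not to block on IO (GET_REPLY_BLOCKING / GET_REPLY_NONBLOCKING)
 * @param peek
 *  Whether or not we are to remove the message from
 *  the queue when we do a read on the netlink socket.
 * @return
 *  This function returns 0 on success, else -errno.
 */
extern int audit_get_reply(int fd, struct audit_message* rep, reply_t block,
                           int peek);

/**
 * Sets a pid to receive audit netlink events from the kernel
 * @param fd
 *  The fd returned by a call to audit_open()
 * @param pid
 *  The pid whom to set as the receiver of audit messages
 * @return
 *  This function returns 0 on success, -errno on error.
 */
extern int audit_setup(int fd, pid_t pid);

/**
 * Throttle kernel messages at the provided rate
 * @param fd
 *  The fd returned by a call to audit_open()
 * @param limit
 *  The rate, in messages per second, above which the kernel
 *  should drop audit messages.
 * @return
 *  This function returns 0 on success, -errno on error.
 */
extern int audit_rate_limit(int fd, uint32_t limit);

/**
 * Logs an AVC decision from userland.
 * @param fd
 *  The fd returned by a call to audit_open()
 * @param msg
 *  The message to log. Must be a NUL-terminated string; the caller
 *  retains ownership.
 * @return
 *  This function returns 0 on success, -errno on error.
 */
extern int audit_log_android_avc_message(int fd, const char* msg);

__END_DECLS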